
Sunday, September 23, 2012

ZeroAccess: How to remove the latest version

   In my previous 2 posts I have highlighted the changes in the newer version of ZeroAccess, how to tell if you are infected, and who is most at risk. This post will cover how to get rid of this infection, and what tools to use to protect against it.

    The easiest way is to download one of many anti-virus programs, or removal tools. I always recommend ESET as they have always gotten the job done for me and my family. ESET has made a tool specifically to remove the ZeroAccess bot, one that is easy and completely free.

  1. Download the tool here
  2. Start the tool by double-clicking it.
  3. Press "Y" when it asks you if you want to restore system services.
  4. Once the tool has finished working, restart your computer by pressing any key.
  5. You may be prompted with a security window upon restarting; click "Yes" or "Allow".
  6. Click "Yes" on the repair window.
  7. Once the repair is finished, you will be prompted to restart again; do so.
  8. For best results and to ensure complete removal, purchase ESET Smart Security or ESET Nod32 and run a full scan.

    As you can see, it is fairly simple to remove this virus. If you have any trouble, comments, or questions, let me know in the comments section. (Don't be embarrassed. I have to approve comments; if you think it is a stupid question, just ask that I do not post the comment, and I will contact you directly.)

    The main way this bot spreads is through exploits, most of which are patched in the latest versions of the software they are designed to exploit, so make sure you apply regular updates, and don't visit shady sites. Also, I know it may be hard to refrain from pirating things like games, so I encourage you to only download "cracks" if there have been many downloads; even then, make sure to read the comments, and do not download if it is reported to be infected or not working correctly. Also remember that I do not condone pirating or any form of illegal downloads.


Wednesday, May 23, 2012

McAfee Labs Threat Report for Q1 2012

Here is just a brief overview of what is happening in the cyber underworld according to McAfee:

  1. People are starting to use rootkits more
    • almost 200,000 new rootkit samples in this quarter
    • Koutodoor is at about 50,000 new samples
    • TDSS is falling (about 100,000, down from 120,000)
    • ZeroAccess is still becoming more popular (about 170,000 new samples)
  2. Fake AVs are still going strong (690,000 new samples)
  3. Autorun samples are about the same as last quarter (480,000)
  4. Password stealers are extremely popular, it seems (1mil new samples)
  5. Signing malware is also becoming more of a habit for "Hackers" (about 325,000 total samples of signed binaries, about 200,000 new)
  6. Mac malware is once again dwindling (280 new samples)
  7. Fake AV for Mac is a little higher than last quarter, but still fairly low (about 150 new samples)
  8. Spam is extremely low, and still falling (a little over a trillion messages per month)
  9. Large botnets are on the rise again (about 5mil infections)
    • Cutwail net is leading the rest by a fairly large margin
  10. Bad rep URLs are down again (about 7,500 new URLs)
  11. Drivebys and silent infection sites are up (about 800,000 malicious URLs)
  12. Phishing sites are still down, but quickly rising (about 4,100 new sites)
  13. Hacktivism is also on the rise as many are taking up their cyber-arms to stick it to the man

Read the full report here.
Remember to comment what I should post about next.